Thomas Hawk posted a photo:
Mark Tindale has added a photo to the pool:
Annette_747 has added a photo to the pool:
Vanaf vrijdag gaat het in Den Haag weer over de anderhalve meter afstand, vaccinaties en de avondklok, want dan start de parlementaire enquête over de coronabeleid.
:format(jpeg):fill(f8f8f8,true)/s3/static.nrc.nl/podcasts/wp-content/blogs.dir/131/files/2021/03/haagsezakenfeatured.png)
Aan de telefoon belooft Henk Ruis om onderzoek te doen naar wat er misging bij de inseminaties van Cas en zijn zusje.
:format(jpeg):fill(f8f8f8,true)/s3/static.nrc.nl/taxonomy/35fd7e4-04292026_Uitgelicht_Algemeen_Artikel-%2520en%2520itemafbeelding_1280x768px_03.png)
SpaceX's upgraded Starship V3 launched today from Starbase, Texas, for the first time, successfully deploying 22 dummy Starlink satellites and completing a planned fiery splashdown in the Indian Ocean. Reuters reports: The towering vehicle, consisting of the upper-stage Starship astronaut vessel stacked atop a Super Heavy booster rocket, blasted off at about 5:30 p.m. CT on Friday (2230 GMT) from SpaceX facilities in Starbase, Texas, on the Gulf of Mexico near Brownsville. A live SpaceX webcast of the liftoff showed the rocketship, more than 40 stories tall, climbing from the launch tower as the Super Heavy's cluster of Raptor engines thundered to life in a ball of flames and billowing clouds of vapor and exhaust. The test ended about an hour later when the Starship vehicle made it through a blazing re-entry through Earth's atmosphere and splashed down into the Indian Ocean, nose up as planned, as SpaceX employees who gathered to watch a live webcast of the flight cheered. The lower-stage Super Heavy came down separately in the Gulf of Mexico about six minutes after blast-off.
The launch marked SpaceX's 12th Starship test flight since 2023 and the first ever for the V3 iteration of both the cruise vessel and its Super Heavy booster, as well as the first blast-off from a new launch pad designed for the more powerful rocket. During its suborbital cruise phase, Starship successfully released its payload of 20 mock Starlink satellites one by one, plus two actual modified satellites that scanned the spacecraft's heat shield and transmitted data back to operators on the ground during the vehicle's descent. Starship made it to its cruise phase despite the loss of one of its six upper-stage engines, and mission controllers opted not to attempt an inflight re-ignition of the engines before re-entry. But the vehicle did execute a return-landing burn at the very end of its flight, along with several aerodynamic maneuvers deliberately intended to place the spacecraft under maximum stress, and Starship completed those moves intact for its controlled final descent. You can watch a recorded livestream of the launch on YouTube.
The launch marked SpaceX's 12th Starship test flight since 2023 and the first ever for the V3 iteration of both the cruise vessel and its Super Heavy booster, as well as the first blast-off from a new launch pad designed for the more powerful rocket. During its suborbital cruise phase, Starship successfully released its payload of 20 mock Starlink satellites one by one, plus two actual modified satellites that scanned the spacecraft's heat shield and transmitted data back to operators on the ground during the vehicle's descent. Starship made it to its cruise phase despite the loss of one of its six upper-stage engines, and mission controllers opted not to attempt an inflight re-ignition of the engines before re-entry. But the vehicle did execute a return-landing burn at the very end of its flight, along with several aerodynamic maneuvers deliberately intended to place the spacecraft under maximum stress, and Starship completed those moves intact for its controlled final descent. You can watch a recorded livestream of the launch on YouTube.
Read more of this story at Slashdot.
Aikido Security found that deleted Google API keys can continue authenticating for a median of about 16 minutes and as long as 23 minutes, despite Google Cloud's UI claiming that once a key is deleted it can no longer make API requests. Dark Reading reports: Joe Leon, researcher at Belgian startup Aikido Security, recently analyzed the revocation window -- the time between a key's deletion and its last successful authentication -- for the cloud giant's API keys. In a blog post published today, Leon said Google Cloud Platform (GCP) customers expect API access to end immediately after the key is deleted, but this is not the case. In a series of tests, Leon found that the median revocation window was around 16 minutes, while the longest window was up to 23 minutes, "an incredibly long time" for API keys to continue authenticating successfully, he said.
And these windows have serious repercussions for organizations. "An attacker holding your deleted key can keep sending requests until one reaches a server that has not caught up. If Gemini is enabled on the project, they can dump files you have uploaded and exfiltrate cached conversations," Leon said. "The GCP console will not show the key, and it will not tell you the key is still working. You are trusting Google's infrastructure to eventually catch up."
[...] Leon tells Dark Reading the revocation windows for Google's API keys, as well as the unpredictable authentication success rates, complicate matters for incident response teams that are dealing with a potential breach. "This breaks the mental model IR teams have when responding to leaked credentials," he says. "It's assumed that when you click 'Delete' or 'Revoke' that the credential no longer works. Now IR teams need to remember that for GCP credentials, a window exists when that 'Deleted' credential still works for attackers."
To that end, Aikido recommended that security teams and IR personnel use a 30-minute window for Google API key deletions. Additionally, organizations should monitor their API requests by credential through the "Enabled APIs and services" portion of the GCP console, and review API requests by credential. "If you see unexpected usage from that credential after deletion, someone could be actively exploiting it," Leon wrote. Aikido reported the findings to Google, but the company closed the report as "won't fix," according to the blog post.
And these windows have serious repercussions for organizations. "An attacker holding your deleted key can keep sending requests until one reaches a server that has not caught up. If Gemini is enabled on the project, they can dump files you have uploaded and exfiltrate cached conversations," Leon said. "The GCP console will not show the key, and it will not tell you the key is still working. You are trusting Google's infrastructure to eventually catch up."
[...] Leon tells Dark Reading the revocation windows for Google's API keys, as well as the unpredictable authentication success rates, complicate matters for incident response teams that are dealing with a potential breach. "This breaks the mental model IR teams have when responding to leaked credentials," he says. "It's assumed that when you click 'Delete' or 'Revoke' that the credential no longer works. Now IR teams need to remember that for GCP credentials, a window exists when that 'Deleted' credential still works for attackers."
To that end, Aikido recommended that security teams and IR personnel use a 30-minute window for Google API key deletions. Additionally, organizations should monitor their API requests by credential through the "Enabled APIs and services" portion of the GCP console, and review API requests by credential. "If you see unexpected usage from that credential after deletion, someone could be actively exploiting it," Leon wrote. Aikido reported the findings to Google, but the company closed the report as "won't fix," according to the blog post.
Read more of this story at Slashdot.
Max Verstappen and Isack Hadjar both complained about the ride of the Red Bull RB22 in Sprint Qualifying ahead of the Canadian Grand Prix, with the former stating "my feet were flying off the pedals".
The drivers and teams report back after a busy Friday from the Circuit Gilles Villeneuve for the 2026 Canadian Grand Prix.
George Russell secured pole position for the Sprint in Canada ahead of his Mercedes team mate Kimi Antonelli.
Phone company launched by Donald Trump’s family says names and contact details appear to be affected, but not credit card or banking information
A phone company launched by Donald Trump’s family business is investigating a potential security flaw on its website that appears to have exposed the personal details of an estimated 27,000 people who sought to buy a gold-coloured smartphone.
Trump Mobile said in a statement that it was investigating the issue – “with the assistance of independent cybersecurity professionals” – in which the full names, addresses and phone numbers of people who filled out preorder forms appeared to be exposed.
Continue reading...Ukraine dismisses Russian president’s claim, saying attack on dormitory in Russian-controlled region in the east ‘exclusively targeted the Russian war machine’. What we know on day 1,550
Russian President Vladimir Putin has blamed Ukraine for what he described as a deadly drone attack on a student dorm in Luhansk, a Russian-controlled region in eastern Ukraine, and has vowed to retaliate. Ukraine’s military denied the Russian accusations and said it had struck an elite drone command unit in the area. The Russian president said in a statement, carried by state TV on Friday, that he had ordered his military to prepare options to retaliate for the attack in Starobilsk that killed six people and wounded dozens, with 15 people still unaccounted for. He said Kyiv’s military must have known what it was targeting. At a UN security council emergency meeting called by Russia, Melnyk Andrii, the Ukrainian ambassador to the UN, rejeced his Russian counterparts’ accusations of war crimes, calling them a “pure propaganda show”. He added that the operations on Friday “exclusively targeted the Russian war machine” with strikes neutralising an oil refinery, “which was fuelling occupation forces, ammunition depots, air defence assets, and also command centres.”
The Czech president, Petr Pavel, has urged Nato to “show its teeth” in response to Russia’s repeated testing of the alliance’s resolve on its eastern flank, suggesting a range of options including switching off its internet, cutting off its banks from global financial systems and shooting down jets that violate allied airspace. Speaking to the Guardian in Prague, Pavel called for “decisive enough, potentially even asymmetric” responses to counter Moscow’s provocative behaviour against the alliance or risk the Kremlin intensifying its actions.
The UN’s nuclear watchdog said on Friday that Ukrainian authorities had advised that a fire had broken out at the Dniprovska 750-kilovolt electrical substation due to military activity, causing a nuclear power station to be partially disconnected from off-site power. The International Atomic Energy Agency said firefighters were tackling the fire but an operating nuclear power plant was partially disconnected from its off site power supplies at the request of the grid operator.
Falling debris from drones has triggered a fire at an oil terminal in Russia’s Black Sea port of Novorossiysk, injuring two people and damaging several technical and administrative buildings, officials said early on Saturday. The injured men had been in the street when the drones attacked the port and were being treated in hospital. Ukrainian forces on Friday also attacked a Russian oil refinery in Yaroslavl, about 700km from the border. The Ukrainian Defence Ministry said on X on Friday that Ukraine hit 11 Russian oil facilities this month as of 21 May, including Kirishi, one of Russia’s largest refineries.
Hundreds of Ukrainians have marched through Kyiv to demand that the government veto a bill they say could prematurely declare missing soldiers dead. The protest in Ukraine’s capital on Friday targeted Bill No. 13646 which addresses the legal status of missing persons. More than 90,000 people are listed as missing in Ukraine’s registry.
US troop numbers in Europe are expected to drop from 80,000 after a review reflecting wider commitments, US secretary of state Marco Rubio said on Friday. In Helsingborg, Sweden for a Nato foreign ministers meeting, Rubio said it was “well understood in the alliance that the United States’ troop presence in Europe is going to be adjusted … you know, we have obligations in the Indo-Pacific, we have obligations in the Middle East, we have obligations in the western hemisphere”. Last week, the Pentagon said it would halt the rotation of 4,000 more into Poland, only for Trump to apparently reverse that on Thursday night on social media, in a hasty announcement that appeared to catch the Pentagon by surprise.
A bipartisan group of US senators is pushing back on delays by the Department of Defense in sending about $600m in security aid to Ukraine and other allies in eastern Europe. They sent a letter to defense secretary Pete Hegseth on Friday that calls for the funding to be disbursed. Friction has grown between Congress and the Trump administration in recent weeks as lawmakers push for updates on what has happened to $400m in Ukraine aid and $200m more for defense programs in Estonia, Latvia and Lithuania that was allocated by Congress last year.
Continue reading...
:format(webp)/s3/static.nrc.nl/images/gn4/stripped/data148580828-29c2b9.jpg)